diff options
author | Bodo Möller <bodo@openssl.org> | 2002-03-05 15:29:30 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2002-03-05 15:29:30 +0000 |
commit | 2c17323e156de12e63a68311d611262c977e7fce (patch) | |
tree | 3325d5f6240d9027fb2a02d9f8a467e2a2be37f6 /doc | |
parent | 870694b3da75d0757b400e802caea9d98510b8a4 (diff) | |
download | openssl-2c17323e156de12e63a68311d611262c977e7fce.tar.gz |
Rephrase statement on the security of two-key 3DES.
[Chosen plaintext attack: R. Merkle, M. Hellman: "On the Security of
Multiple Encryption", CACM 24 (1981) pp. 465-467, p. 776.
Known plaintext angriff: P.C. van Oorschot, M. Wiener: "A
known-plaintext attack on two-key triple encryption", EUROCRYPT '90.]
Diffstat (limited to 'doc')
-rw-r--r-- | doc/crypto/des_modes.pod | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/crypto/des_modes.pod b/doc/crypto/des_modes.pod index 36b77c454d..da75e8007d 100644 --- a/doc/crypto/des_modes.pod +++ b/doc/crypto/des_modes.pod @@ -204,8 +204,8 @@ just one key. =item * If the first and last key are the same, the key length is 112 bits. -There are attacks that could reduce the key space to 55 bit's but it -requires 2^56 blocks of memory. +There are attacks that could reduce the effective key strength +to only slightly more than 56 bits, but these require a lot of memory. =item * |